planet is vulnerable to API Token Disclosure. The vulnerability is due to insecure file permissions set on the secrets file containing the API key. Any user in the system is able to view the secret fi ...
Continue Reading
May 19, 2023
mlflow is vulnerable to Path Traversal. The vulnerability exists because the `handlers.py` does not properly sanitize the path parameter, which allows an attacker to access files outside the expected ...
Continue Reading
May 19, 2023
Nmstate is a library with an accompanying command line tool that manages ho st networking settings in a declarative manner and aimed to satisfy enterprise needs to manage host networking through a nor ...
Continue Reading
May 19, 2023
KeePass is a free open source [password manager](), which helps you to manage your passwords and stores them in encrypted form. In fact, KeePass encrypts the whole database, i.e. not only your passwor ...
Continue Reading
May 19, 2023
Cyber criminals come in all shapes and sizes. On one end of the spectrum, there's the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored ...
Continue Reading
May 19, 2023
Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a databaseâbu ...
Continue Reading
May 19, 2023
An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabil ...
Continue Reading
May 18, 2023
Last week, there were 139 vulnerabilities disclosed in 105 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 47 Vulnera ...
Continue Reading
May 18, 2023
Back to Main
